What it’s like to do cyber security penetration testing
Having been in cyber penetration testing for over 2 years, John has some great insights about what it’s like to be in this role day-to-day. Here, he gives us the low down on a career in cyber security.
Cyber penetration testing - what’s it all about?
“Cyber penetration testing involves lots of different engagements, so it’s a really varied role. Penetration testing is essentially ethical hacking. It’s all about trying to get full control of a network, by gaining access and privileges and then informing a business on how to improve their security measures. As a cyber security penetration tester, success is all about looking for weaknesses which someone working in an unethical way might be able to exploit.”
What’s your day-to day-role like as a cyber penetration tester?
“Day-to-day, you could be working on external or internal penetration tests either on site or remotely. So for example, at the moment I’m working in a red team which means i’m working with a group of ethical hackers to simulate attacks on businesses and test how equipped they are to deal with cyber attacks. It’s interesting because we often keep our work quite secret and don’t tell people within the business about it – this allows us to get a realistic overview of how a company’s security team is performing.
A typical day involves working in a team creating simulations. So, for example, we send out phishing simulations where we select a sample of employees and send a phishing email to see how people respond. From this, we can monitor clicks and see if people are downloading malware and picking up infections. We can then make suggestions on how to improve security measures”.
What are the common flaws that come up when performing cyber security penetration testing?
“People are complacent when it comes to cyber security, and the biggest weakness to a business’s security is usually the people they employ. For example, people not being aware and writing their passwords down in silly places or not being aware of how secure they are when they’re online. For that reason it’s quite a people-focused role – you’re always looking for holes in a company’s security and often human error plays a part in that.”
Cyber security jobs from home - how is it possible?
How did you get into cyber security penetration testing?
“I went to university and did a physics degree and then went on a grad scheme in cyber penetration testing. When I began my penetration testing career, I had no experience in the field but my enthusiasm for tech helped me land my dream role. I had no experience in it but I developed an interest and followed it.”
See also: how to break into cyber security
What’s the best part of the cyber penetration role?
“The variety. There’s lots of different types of work and different clients so it’s always changing. I work on a project for around a week or so, so I never get bored. Of course, the length of your post changes depending on the role you do – my engagements are typically around a week but the rest of the cyber security team’s projects would be a bit longer.”
What advice would you give to future ethical hackers?
“To be a good ethical hacker you need to be curious and persistent – those are the two secret ingredients. Also, there’s a lot to be said for being passionate about tech. I would recommend having a good grasp on cloud computing as it’s going to be big and is going to change how we do things in business in general and in cyber security. My advice would also be to do a lot of research into cyber security and keep up to date with the latest vulnerabilities and techniques.”
See also: Zach Gibbons talks about pursuing a career in cyber security
Would you recommend ethical hacking as a career?
Yes – it’s really fun. A career in cyber penetration testing offers a good variety of work and a chance to be a little bit geeky. There’s a big need for ethical hackers and penetration testers – it’s quite a small community and there is a strong demand for it. Especially in the current climate, there is always going to be the need for cyber security penetration testers and cyber security experts. It’s quite fulfilling too, when you’re successful on a project it’s really rewarding.
If you want to follow in John’s footsteps and gain the qualifications to become a pro ethical hacker, then take a look at our cyber security courses or speak to one of our specialist Career Consultants today.
Related Articles
Cyber SecurityTop 5 industries hiring for cyber security skills right now
Discover 5 of the most exciting industries urgently hiring cyber security professionals in 2024. Explore career opportunities in tech, finance, healthcare, government, and retail. Learn how cyber security training can kickstart your career in this booming field.
Read More
Student TestimonialsJack Kyzer | Cyber Student Testimonial
Learn how Jack Kyzer kick-started his career in cyber security with certifications from Learning People. Read his success story and take the first step towards your dream career in cyber today!
Read More
Student TestimonialsYasmin | Cyber Student Testimonial
Discover how Learning People graduate Yasmin transitioned from Commercial Solicitor to Junior Cyber Professional. Read her story and start your journey today.
Read More
Career AdviceFrom Music Teacher to IT Security Consultant: Michael’s Success Story
Discover how Michael Ready transitioned from a music teacher to an IT Information Security Consultant with Learning People. Read about his journey, career transformation, and the support he received to achieve his goals.
Read More